Paper 2023/263

DualMS: Efficient Lattice-Based Two-Round Multi-Signature with Trapdoor-Free Simulation

Yanbo Chen, University of Ottawa
Abstract

A multi-signature scheme allows multiple signers to jointly sign a common message. Recently, two lattice-based two-round multi-signature schemes based on Dilithium-G were proposed: DOTT by Damgård, Orlandi, Takahashi, and Tibouchi (PKC'21) and MuSig-L by Boschini, Takahashi, and Tibouchi (CRYPTO'22). In this work, we propose a lattice-based two-round multi-signature scheme called DualMS. Compared to DOTT, DualMS is likely to significantly reduce signature size, since it replaces an opening to a homomorphic trapdoor commitment with a Dilithium-G response in the signature. Compared to MuSig-L, concrete parameters show that DualMS has smaller public keys, signatures, and lower communication, while the first round cannot be preprocessed offline as in MuSig-L. The main reason behind such improvements is a trapdoor-free "dual signing simulation" of our scheme. Signature simulation of DualMS is virtually identical the normal signing procedure and does not use lattice trapdoors like DOTT and MuSig-L.

Metadata
Available format(s)
PDF
Category
Public-key cryptography
Publication info
Preprint.
Keywords
Multi-signatureDilithiumFiat-Shamir with abortsLatticePost-quantum
Contact author(s)
ychen918 @ uottawa ca
History
2023-02-23: approved
2023-02-22: received
See all versions
Short URL
https://ia.cr/2023/263
License
Creative Commons Attribution
CC BY

BibTeX 

@misc{cryptoeprint:2023/263,
      author = {Yanbo Chen},
      title = {DualMS: Efficient Lattice-Based Two-Round Multi-Signature with Trapdoor-Free Simulation},
      howpublished = {Cryptology ePrint Archive, Paper 2023/263},
      year = {2023},
      note = {\url{https://eprint.iacr.org/2023/263}},
      url = {https://eprint.iacr.org/2023/263}
}
Note: In order to protect the privacy of readers, eprint.iacr.org does not use cookies or embedded third party content.